Background

The aim of this project is to build up a library of practical solutions to specific security problems.

Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs -
the JDIs will consist of detailed, explicit instructions addressing specific issues using specific technology.

Like recipes, a JDI may suit some tastes more than others and, again like recipes, there can be more than one JDI for the same problem.

The benefits will be

practical, if limited, solutions for developers, without their first having to become experts in the problem space - something which time often does not permit

usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.

The Process

The project will

endeavour to source suitable solutions to specific, practical problems on request, and

adopt solutions already developed by developers and/or security specialists which they would like to share.